Slashdot Mirror


Canon Printer Hacked To Run Doom Video Game

wiredog writes Security researcher Michael Jordon has hacked a Canon Pixma printer to run Doom. He did so by reverse engineering the firmware encryption and uploading via the update interface. From the BBC: "Like many modern printers, Canon's Pixma range can be accessed via the net, so owners can check the device's status. However, Mr Jordon, who works for Context Information Security, found Canon had done a poor job of securing this method of interrogating the device. 'The web interface has no user name or password on it,' he said. That meant anyone could look at the status of any device once they found it, he said. A check via the Shodan search engine suggests there are thousands of potentially vulnerable Pixma printers already discoverable online. There is no evidence that anyone is attacking printers via the route Mr Jordon found."

26 of 92 comments

  1. So it runs Doom ? by MondoGordo · · Score: 5, Funny

    How much paper does that use ?

    1. Re:So it runs Doom ? by cp5i6 · · Score: 4, Insightful

      You're missing the point.

      It's connected to the net. check. It's got enough cpu power to run a proper app. check. It's got no security. check. It's got enough storage for a decently sized program. check.

      You know what the next logical step is?

      installing DDoS zombies on these printers.

    2. Re:So it runs Doom ? by OhSoLaMeow · · Score: 4, Funny

      You know what the next logical step is?

      Beowulf clusters of Canon printers?

      --
      They can take my LifeAlert pendant when they pry it from my cold dead fingers.
    3. Re:So it runs Doom ? by gstoddart · · Score: 4, Funny

      You know what the next logical step is?

      It involves the internet ... so I'll assume some form of pornography.

      --
      Lost at C:>. Found at C.
    4. Re:So it runs Doom ? by lucm · · Score: 4, Funny

      The guy will upload 3D printer firmware, and demons from Doom will come out of the printer.

      RUN

      --
      lucm, indeed.
    5. Re:So it runs Doom ? by Anonymous Coward · · Score: 5, Funny

      Ooh. Printer porn.

      Ms. Canon: I love the way you jam the paper inside me.
      Mr. Epson: Ooh, baby, my fuser's so hot for you.
      Ms. Canon: Yeah. That's the way. Fill me full of black ink.

      Eww.

    6. Re:So it runs Doom ? by tippe · · Score: 3, Interesting

      Well duh, the next logical step is obviously to add sound by modulating the movement of the print head somehow (sort of like how you could on old HP ScanJet scanners in order to play music). Who'd want to play doom on their printer unless it also had sound?

    7. Re:So it runs Doom ? by nblender · · Score: 2

      8 pages per minute, 500 sheets in the tray ...

      Sounds like hours of fun.

    8. Re:So it runs Doom ? by TWX · · Score: 2

      It involves the internet ... so I'll assume some form of pornography.

      That takes me back...

      I was one of the first kids in my neighborhood to regularly BBS and to have a color inkjet printer, I used to sell individual printed pages for $0.50 each...

      --
      Do not look into laser with remaining eye.
    9. Re:So it runs Doom ? by Waccoon · · Score: 2

      So that's why the damn cartridges run out so fast.

  2. Another... by Anonymous Coward · · Score: 2, Interesting

    Another headline I never expected to read.

  3. It's on the network... by damn_registrars · · Score: 4, Funny

    ... can you run multiplayer doom if you have several of these printers? Maybe make the printer print out red when you're hit?

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  4. So it runs Doom ? by pesho · · Score: 2

    I guess this depends on the frame rate.

  5. Sigh. by ledow · · Score: 4, Funny

    I really shouldn't be getting my tech news from sites that are basically a day behind BBC News.

    1. Re:Sigh. by JackieBrown · · Score: 2

      I come here more for the comments than expecting breaking news.

  6. Re:I'm not surprised by Narcocide · · Score: 2

    Before you just sign off and assume that 30MB is a completely acceptable install size for a single printer driver or a single group of drivers from a single printer manufacturer simply because HP somehow manages to waste a whole order of magnitude more space, compare that to the installed size of the Linux CUPS printing subsystem and its ENTIRE DRIVER SET FOR ALL SUPPORTED DEVICES.

  7. Canon Releasing a Fix by FrankieBaby1986 · · Score: 4, Funny

    From the article:

    "The colour palette is still not quite right," he said. "But it proves the point and it runs quite quickly, though it's not optimised."

    Mr Jordon has no plans to fine tune the demonstration and do that optimisation or take on more work to get the game beyond its loading screen, given how much trouble it took to get it working at all.

    "I'm so sick of it," he said. "I'm done."

    On a blog entry about Mr Jordon's work, Canon said it intended "to provide a fix as quickly as is feasible".

    This will involve adding a user name and password field to the web interface for future Pixma printers and issuing an update for existing owners to add the same feature.

    It looks like Canon is planning to release a fix to correct the color palette and get the game optimized! Even better, they are going to add accounts to the game for scores and going to release this for all previous purchasers of the printer! Sweet!

    :p

    --
    ERROR: SIG NOT FOUND (A)bort, (R)etry, (F)ail?:
  8. Re:Surprising by Megane · · Score: 2

    Wasn't Doom released in the era of the 25MHz 486 with 1-4 megs of RAM and 640x480 VGA with no acceleration? It probably helps if the screen is only 320x240 QVGA. It depends on which CPU is in use, but something designed to print a full page at 150-ish DPI should have more than enough RAM and CPU. The front panel alone has 2 megabytes of RAM, and a 45MHz LVDS interface for display data, as per its recent hackaday appearance:

    http://hackaday.com/2014/09/11...

    --
    #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
  9. Re:I'm not surprised by Anne Thwacks · · Score: 2

    The Linux drivers require a version of Libtiff from 1993, and have never been updated - ever.

    Please, when can we have a hack that makes these printers print in Linux?

    Or *BSD support?

    Or Android support?

    --
    Sent from my ASR33 using ASCII
  10. Re:I'm not surprised by Narcocide · · Score: 2

    Well I too have a bunch of optional stuff that objectively speaking, I REALLY don't need, like bluetooth support (not to mention all the extra drivers and the development headers for compiling stuff, and a bunch of filters packages that I don't even know what they're for, in both 64-bit and 32-bit format due to compiling multi-arch stuff on this system) but I'm still sitting on a total install base of a bit less than 17MB. If Canon actually needs 30MB just for their own drivers and presumably the printing system itself is part of the Windows kernel, I think something is REALLY REALLY wrong.

  11. Re:I'm not surprised by Anonymous Coward · · Score: 2, Interesting

    I'm not assuming 30MB is acceptable. Windows drivers for some printers don't even reach 1MB, so I understand what you're saying.

    However, saying that the software for Canon printers is horrid is just untrue, because I work with quite a few such printers and it rarely gives me trouble, even in networked environments. And less than 30MB is certainly better than what most other manufacturers are doing.

    I can also give you one good explanation for why the package is ~30MB rather than much less: there are dozens of localized DLLs that have precisely the same code, but different strings inside. Yeah, that's sloppy, but the end result is still much better than what other manufacturers are doing. And then there's an x86 and an x64 version of each. All in all, for a single driver that is actually loaded in a particular system, you end up with far less than 30MB.

    See this for an example: http://www.usa.canon.com/cusa/support/consumer/printers_multifunction/pixma_mp_series/pixma_mp560#DriversAndSoftware

  12. Screw Torrent. by Anonymous Coward · · Score: 3, Interesting

    Use it as Tor Relays.

    It doesn't even have to be an exit node, but thousands of added Tor nodes running no logging and providing hop services for in-network traffic would be a huge boon for the privacy of all users. Best part, if you kept the cpu usage down, you could keep a print daemon running on them so the end users of the printer weren't affected, and allow anyone sympathetic to run it with valid deniability.

  13. Re:I'm not surprised by Narcocide · · Score: 2

    To be fair, you do partially have a point there; the official Canon printer drivers certainly support more of their own printers than CUPS does. I can tell you that without even looking at Canon's official driver install. However, the total amount of printers supported by CUPS, since it includes a sampling of most major manufacturers' printers (and all of the features of most of said printers) utterly dwarfs what any one manufacturer supports currently in their own drivers in Windows. Yes, the average age of the list doesn't necessarily include as many printers released THIS YEAR (another partial point to your statement) but it also doesn't exclude printers that used to work simply because they're old enough that Canon wants you to buy a new one so they simply merged out support. What you're getting in that 17MB (probably less than 10MB really, for normal users - my installation case is an exception because I use multi-arch and compile a lot of packages on my own) is basic or complete support for a broad cross section of printers going back for more than a decade, not just the most recent offerings of one manufacturer's last 2 years of flagship products. Note this figure also includes the documentation.

    But that doesn't really mean Canon's software is in and of itself bloated and horrible necessarily. If I had to bet on it, my guess would be that 28MB of the 30MB used by the Canon driver install is a hidden video of the developers eating birthday cake.

  14. Re:Surprising by UnknownSoldier · · Score: 3, Informative

    > 25MHz 486 and 640x480 VGA with no acceleration?

    Before you get flamed ...

    DOS Doom used @ 320x200 in ModeY, Quake supported Michael Abrash's ModeX @ 320x240.

    Doom95 which ran on Windows 95 supported different resolutions.

    I played it on my 386SX 16 MHz with the screen shrunk down a few levels. It was silky smooth on the Pentium 90 MHz, and the Pentium Pro 200 MHz (obviously) as was Quake.

    Reference: http://doom.wikia.com/wiki/Asp...

  15. Re:I'm not surprised by hairyfeet · · Score: 2

    THANK YOU, as it doesn't matter if you can squeeze a driver set down to 1Kb if the damned things don't work or work half assed which is what I found trying random printers on Linux at the shop last year. Some would print but NOT scan, some would scan but came out lousy, and frankly NONE of them worked OOTB without seriously fiddling. Compare this to a Windows printer install...1.- Put CD in driver, 2.- Follow instructions....there is no step three! And the driver is 30 Mb, oh noes...who fricking cares? What kind of garbage are you dumpster diving where 30Mb or even 300Mb makes a damned bit of difference? Hell the cheapest shittiest used towers I keep around just to have something under $99 have 160Gb drives so who cares about drivers in the Mb range?

    As for TFA...is anybody REALLY surprised, I mean really? These corps never think about security until it bites them square on the ass so while I'm glad it's a white hat and not a black pulling this I really wouldn't be surprised if all consumer printers with net features are equally shitty, it's just not something they even bothered considering. It reminds me how there was zero security on faxes until assholes started spamming black faxes, most of these companies just don't think "What would a giant douchebag do?" which sadly today is EXACTLY what you have to consider right off the bat.

    --
    ACs don't waste your time replying, your posts are never seen by me.